Rogue reporters kicked out of conference for network snooping

Black Hat Three rogue journalists were ejected from the Black Hat security conference after being accused of connecting monitoring tools to the press room computer network and sniffing reporters' passwords.

The reporters worked for French-based Global Security Magazine, a Black Hat media sponsor. According to screenshots posted here, the men intercepted passwords of journalists working for CNET News and eWeek, although CNET Newssays here that the username and password displayed were inaccurate. It's unknown how many other journalists the interlopers snooped.

The wireless networks at Black Hat, and Defcon, its sister conference which starts Friday, are widely considered hostile. It's expected that attendees will come armed with brand new exploits and test them on fellow participants. The networks used in press rooms are another matter altogether. They are ethernet based, and up to now have been presumed off limits to pranksters.

The presumption of privacy could prove to be key in determining whether the three men violated federal wiretap statutes, said Kurt Opsahl, an attorney for the Electronic Frontier Foundation.

"As a general rule, capturing the content or communications without consent of any of the parties is illegal."

According to reporters who witnessed the event, the three journalists spent much of the day huddling over their equipment, and later took their pilfered data to people manning the so-called Wall of Sheep, an outfit that scans the conference Wi-Fi network for people who send passwords and other sensitive data in the clear. They then slightly redact the information and display it on a projector, in an attempt to shame attendees who are caught, so to speak, with their pants down. The Wall of Sheep personnel rebuffed the offer in this case.

The men were identified as Mauro Israel, Dominique Jouniot and Marc Brami. Black Hat officials speculated they may have carried out their attack by setting up a DHCP server. Having been kicked out of the conference, they weren't immediately available for comment. CNET News, which asked them why they carried out the stunt, said they wanted to educate the public about the ease of sniffing people even on networks that are wired.

The event is another reminder that privacy, even on wired networks, only goes so far. Fortunately for us, all our traffic was sent through an encrypted tunnel courtesy of OpenVPN, a free and extremely powerful open source package. It may have taken three days to configure it, but the additional layer of security was well worth it. ®